Setting up disaster recovery for Azure VMs
This tutorial helps you in Setting up disaster recovery for Azure VMs. The Azure Site Recovery service contributes to your disaster recovery strategy by managing and orchestrating replication, failover, and failback of on-premises machines and Azure virtual machines (VMs).
Create a Recovery Services vault
Create the vault in any region, except the source region.
- Sign in to the Azure portal.
- On the Azure portal menu or from the Home page, select Create a resource. Then, select IT & Management Tools > Backup and Site Recovery.
- In Name, specify a friendly name to identify the vault. If you have more than one subscription, select the appropriate one.
- Create a resource group or select an existing one. Specify an Azure region.
- To access the vault from the dashboard, select Pin to dashboard and then select Create.
The new vault is added to the Dashboard under All resources, and on the main Recovery Services vaults page.
Verify target resource settings
Check your Azure subscription for the target region.
- Verify that your Azure subscription allows you to create VMs in the target region. Contact support to enable the required quota.
- Make sure your subscription has enough resources to support VM sizes that match your source VMs. Site Recover picks the same size, or the closest possible size, for the target VM.
Outbound connectivity for IP address ranges
If you’re using a network security group (NSG), create service-tag based NSG rules for access to Azure Storage, Azure Active Directory, Site Recover service, and Site Recover monitoring.
Verify Azure VM certificates
Check that the VMs you want to replicate have the latest root certificates. If they don’t, the VM can’t be registered to Site Recover because of security constraints.
- For Windows VMs, install all the latest Windows updates on the VM, so that all the trusted root certificates are on the machine. In a disconnected environment, follow the standard Windows Update and certificate update processes for your organization.
- For Linux VMs, follow the guidance provided by your Linux distributor, to get the latest trusted root certificates and certificate revocation list on the VM.
Set permissions on the account
Azure Site Recovery provides three built-in roles to control Site Recover management operations.
- Site Recovery Contributor
- Subsequently, Site Recovery Operator
- Also, Site Recovery Reader
Enable replication for a VM
The following sections describe how to enable replication.
- Firstly, Select the source
- Secondly, Select the VMs
- Furthermore, Configure replication settings
- Subsequently, Configure encryption settings
- Finally, Track replication status
Reference documentation – Set up disaster recovery for Azure VMs